Критика нашумевшей статьи о новом алгоритме факторизации, который (цитата): "...destroys the RSA cryptosystem": https://crypto.stackexchange.com/questions/88582/does-schnorrs-2021-factoring-method-show-that-the-rsa-cryptosystem-is-not-secur
TL/DR: сенсации в этот раз не случилось, увы.
TL/DR: сенсации в этот раз не случилось, увы.
Cryptography Stack Exchange
Does Schnorr's 2021 factoring method show that the RSA cryptosystem is not secure?
Claus Peter Schnorr recently posted a 12-page factoring method by SVP algorithms. Is it correct?
It says that the algorithm factors integers $N \approx 2^{400}$ and $N \approx 2^{800}$ by $4.2 \cdo...
It says that the algorithm factors integers $N \approx 2^{400}$ and $N \approx 2^{800}$ by $4.2 \cdo...
Quantum Collision Attacks on Reduced SHA-256 and SHA-512
"In this paper, we for the first time show dedicated quantum collision attacks on SHA-256 and SHA-512. The attacks reach 38 and 39 steps, respectively, which significantly improve the classical attacks for 31 and 27 steps. Both attacks adopt the framework of the previous work that converts many semi-free-start collisions into a 2-block collision, and are faster than the generic attack in the cost metric of time-space tradeoff. We observe that the number of required semi-free-start collisions can be reduced in the quantum setting, which allows us to convert the previous classical 38 and 39 step semi-free-start collisions into a collision. The idea behind our attacks is simple and will also be applicable to other cryptographic hash functions."
https://eprint.iacr.org/2021/292
"In this paper, we for the first time show dedicated quantum collision attacks on SHA-256 and SHA-512. The attacks reach 38 and 39 steps, respectively, which significantly improve the classical attacks for 31 and 27 steps. Both attacks adopt the framework of the previous work that converts many semi-free-start collisions into a 2-block collision, and are faster than the generic attack in the cost metric of time-space tradeoff. We observe that the number of required semi-free-start collisions can be reduced in the quantum setting, which allows us to convert the previous classical 38 and 39 step semi-free-start collisions into a collision. The idea behind our attacks is simple and will also be applicable to other cryptographic hash functions."
https://eprint.iacr.org/2021/292
The Eye of Horus: Spotting and Analyzing Attacks on Ethereum Smart Contracts
"In recent years, Ethereum gained tremendously in popularity, growing from a daily transaction average of 10K in January 2016 to an average of 500K in January 2020. Similarly, smart contracts began to carry more value, making them appealing targets for attackers. As a result, they started to become victims of attacks, costing millions of dollars. In response to these attacks, both academia and industry proposed a plethora of tools to scan smart contracts for vulnerabilities before deploying them on the blockchain. However, most of these tools solely focus on detecting vulnerabilities and not attacks, let alone quantifying or tracing the number of stolen assets. In this paper, we present Horus, a framework that empowers the automated detection and investigation of smart contract attacks based on logic-driven and graph-driven analysis of transactions. Horus provides quick means to quantify and trace the flow of stolen assets across the Ethereum blockchain. We perform a large-scale analysis of all the smart contracts deployed on Ethereum until May 2020. We identified 1,888 attacked smart contracts and 8,095 adversarial transactions in the wild. Our investigation shows that the number of attacks did not necessarily decrease over the past few years, but for some vulnerabilities remained constant. Finally, we also demonstrate the practicality of our framework via an in-depth analysis on the recent Uniswap and Lendf.me attacks."
https://eprint.iacr.org/2021/284
"In recent years, Ethereum gained tremendously in popularity, growing from a daily transaction average of 10K in January 2016 to an average of 500K in January 2020. Similarly, smart contracts began to carry more value, making them appealing targets for attackers. As a result, they started to become victims of attacks, costing millions of dollars. In response to these attacks, both academia and industry proposed a plethora of tools to scan smart contracts for vulnerabilities before deploying them on the blockchain. However, most of these tools solely focus on detecting vulnerabilities and not attacks, let alone quantifying or tracing the number of stolen assets. In this paper, we present Horus, a framework that empowers the automated detection and investigation of smart contract attacks based on logic-driven and graph-driven analysis of transactions. Horus provides quick means to quantify and trace the flow of stolen assets across the Ethereum blockchain. We perform a large-scale analysis of all the smart contracts deployed on Ethereum until May 2020. We identified 1,888 attacked smart contracts and 8,095 adversarial transactions in the wild. Our investigation shows that the number of attacks did not necessarily decrease over the past few years, but for some vulnerabilities remained constant. Finally, we also demonstrate the practicality of our framework via an in-depth analysis on the recent Uniswap and Lendf.me attacks."
https://eprint.iacr.org/2021/284
ghidra_nodejs
GHIDRA plugin to parse, disassemble and decompile NodeJS Bytenode (JSC) binaries.
https://github.com/PositiveTechnologies/ghidra_nodejs
GHIDRA plugin to parse, disassemble and decompile NodeJS Bytenode (JSC) binaries.
https://github.com/PositiveTechnologies/ghidra_nodejs
GitHub
GitHub - PositiveTechnologies/ghidra_nodejs: GHIDRA plugin to parse, disassemble and decompile NodeJS Bytenode (JSC) binaries
GHIDRA plugin to parse, disassemble and decompile NodeJS Bytenode (JSC) binaries - PositiveTechnologies/ghidra_nodejs
Lord of the Ring(s): Side Channel Attacks on the
CPU On-Chip Ring Interconnect Are Practical
We introduce the first microarchitectural side channel attacks that leverage contention on the CPU ring interconnect.
https://arxiv.org/pdf/2103.03443.pdf
https://github.com/FPSG-UIUC/lotr
CPU On-Chip Ring Interconnect Are Practical
We introduce the first microarchitectural side channel attacks that leverage contention on the CPU ring interconnect.
https://arxiv.org/pdf/2103.03443.pdf
https://github.com/FPSG-UIUC/lotr
Forwarded from Beched's thoughts
Торговля лицом FTW https://habr.com/ru/company/ruvds/blog/546026/
Хабр
Анонс: взрослый разговор о пентесте и хакинге
ЗАВТРА, в 20:00 в наших соцсетях выступит Омар Ганиев, основатель компании DeteAct и член российской команды хакеров LC↯BC. Омара можно смело назвать одним из с...
Deep Learning for Symbolic Mathematics
Neural networks have a reputation for being better at solving statistical or approximate problems than at performing calculations or working with symbolic data. In this paper, we show that they can be surprisingly good at more elaborated tasks
in mathematics, such as symbolic integration and solving differential equations. We propose a syntax for representing mathematical problems, and methods for generating large datasets that can be used to train sequence-to-sequence models. We achieve results that outperform commercial Computer Algebra Systems such as Matlab or Mathematica.
https://arxiv.org/pdf/1912.01412.pdf
Neural networks have a reputation for being better at solving statistical or approximate problems than at performing calculations or working with symbolic data. In this paper, we show that they can be surprisingly good at more elaborated tasks
in mathematics, such as symbolic integration and solving differential equations. We propose a syntax for representing mathematical problems, and methods for generating large datasets that can be used to train sequence-to-sequence models. We achieve results that outperform commercial Computer Algebra Systems such as Matlab or Mathematica.
https://arxiv.org/pdf/1912.01412.pdf
A Spectre proof-of-concept for a Spectre-proof web
In this post, we will share the results of Google Security Team's research on the exploitability of Spectre against web users, and present a fast, versatile proof-of-concept (PoC) written in JavaScript which can leak information from the browser's memory. We've confirmed that this proof-of-concept, or its variants, function across a variety of operating systems, processor architectures, and hardware generations.
https://security.googleblog.com/2021/03/a-spectre-proof-of-concept-for-spectre.html
In this post, we will share the results of Google Security Team's research on the exploitability of Spectre against web users, and present a fast, versatile proof-of-concept (PoC) written in JavaScript which can leak information from the browser's memory. We've confirmed that this proof-of-concept, or its variants, function across a variety of operating systems, processor architectures, and hardware generations.
https://security.googleblog.com/2021/03/a-spectre-proof-of-concept-for-spectre.html
Google Online Security Blog
A Spectre proof-of-concept for a Spectre-proof web
Posted by Stephen Röttger and Artur Janc, Information Security Engineers Three years ago, Spectre changed the way we think about security b...
GitHub удалил эксплоит для ProxyLogon и подвергся критике
https://xakep.ru/2021/03/12/proxylogon-poc-deleted/
https://xakep.ru/2021/03/12/proxylogon-poc-deleted/
XAKEP
GitHub удалил эксплоит для ProxyLogon и подвергся критике
Принадлежащая Microsoft компания GitHub удалила опубликованный исследователем PoC-эксплоит для уязвимостей ProxyLogon, недавно обнаруженных в Microsoft Exchange. Теперь ИБ-эксперты спорят, правильное ли решение приняло руководство сервиса.
leaky.page
This site hosts a proof of concept for the Spectre vulnerability written in JavaScript. It was developed and optimized for Chrome 88 running on an Intel® Core™ i7-6500U processor on Linux.
https://leaky.page/
This site hosts a proof of concept for the Spectre vulnerability written in JavaScript. It was developed and optimized for Chrome 88 running on an Intel® Core™ i7-6500U processor on Linux.
https://leaky.page/
leaky.page
Spectre in JavaScript
A Spectre demo written in JavaScript for Chrome 88.
CORS misconfiguration vulnerable Lab
This Repository contains CORS misconfiguration related vulnerable codes. One can configure the Vulnerable code on local machine to perform practical exploitation of CORS related misconfiguration issues.
https://github.com/incredibleindishell/CORS_vulnerable_Lab-Without_Database
This Repository contains CORS misconfiguration related vulnerable codes. One can configure the Vulnerable code on local machine to perform practical exploitation of CORS related misconfiguration issues.
https://github.com/incredibleindishell/CORS_vulnerable_Lab-Without_Database
GitHub
GitHub - incredibleindishell/CORS_vulnerable_Lab-Without_Database
Contribute to incredibleindishell/CORS_vulnerable_Lab-Without_Database development by creating an account on GitHub.
Regexploit: DoS-able Regular Expressions
When thinking of Denial of Service (DoS), we often focus on Distributed Denial of Service (DDoS) where millions of zombie machines overload a service by launching a tsunami of data. However, by abusing the algorithms a web application uses, an attacker can bring a server to its knees with as little as a single request. Doing that requires finding algorithms which have terrible performance under certain conditions, and then triggering those conditions. One widespread and frequently vulnerable area is in the misuse of regular expressions (regexes).
https://blog.doyensec.com/2021/03/11/regexploit.html
When thinking of Denial of Service (DoS), we often focus on Distributed Denial of Service (DDoS) where millions of zombie machines overload a service by launching a tsunami of data. However, by abusing the algorithms a web application uses, an attacker can bring a server to its knees with as little as a single request. Doing that requires finding algorithms which have terrible performance under certain conditions, and then triggering those conditions. One widespread and frequently vulnerable area is in the misuse of regular expressions (regexes).
https://blog.doyensec.com/2021/03/11/regexploit.html
Doyensec
Regexploit: DoS-able Regular Expressions
When thinking of Denial of Service (DoS), we often focus on Distributed Denial of Service (DDoS) where millions of zombie machines overload a service by launching a tsunami of data. However, by abusing the algorithms a web application uses, an attacker can…
Если вдруг кому-то потребуется обосновать опасность использования SMS в качестве второго фактора аутентификации: https://queue.acm.org/detail.cfm?id=3425909
Вакансия от Positive Technologies
Positive Technologies, отдел исследований по анализу защищённости приложений, старший разработчик.
География: удаленная работа, предпочтительно СПб
Основными задачами отдела является разработка алгоритмов анализа и защиты приложений, прототипирование и внедрение перспективных технологий в продукты компании.
Позиция подразумевает участие в проектах по исследованию технологий анализа защищённости и защиты приложений, разработку прототипов решений, развитие существующих проектов отдела (универсальный абстрактный интерпретатор, анализатор JavaScript-кода, LibProtection).
Требования к кандидату:
Опыт разработки приложений под .NET (C#);
принципы ООП и проектирования ПО;
методы рефакторинга;
основные алгоритмы и структуры данных.
Будет плюсом:
Понимание принципов работы компиляторов, методов решения задач по анализу кода;
знания в области безопасности веб-приложений;
теоретический бэкграунд (теории вычислений, графов, множеств).
vkochetkov@ptsecurity.com
Positive Technologies, отдел исследований по анализу защищённости приложений, старший разработчик.
География: удаленная работа, предпочтительно СПб
Основными задачами отдела является разработка алгоритмов анализа и защиты приложений, прототипирование и внедрение перспективных технологий в продукты компании.
Позиция подразумевает участие в проектах по исследованию технологий анализа защищённости и защиты приложений, разработку прототипов решений, развитие существующих проектов отдела (универсальный абстрактный интерпретатор, анализатор JavaScript-кода, LibProtection).
Требования к кандидату:
Опыт разработки приложений под .NET (C#);
принципы ООП и проектирования ПО;
методы рефакторинга;
основные алгоритмы и структуры данных.
Будет плюсом:
Понимание принципов работы компиляторов, методов решения задач по анализу кода;
знания в области безопасности веб-приложений;
теоретический бэкграунд (теории вычислений, графов, множеств).
vkochetkov@ptsecurity.com